DEBIAN-CVE-2025-4877

DEBIAN-CVE-2025-4877 PUBLISHED CVSS 4.5 MEDIUM

There's a vulnerability in the libssh package where when a libssh consumer passes in an unexpectedly large input buffer to ssh_get_fingerprint_hash() function. In such cases the bin_to_base64() function can experience an integer overflow leading to a memory under allocation, when that happens it's possible that the program perform out of bounds write leading to a heap corruption. This issue affects only 32-bits builds of libssh.

Risk Scores

CVSS 3.1

4.5

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L

Affected Products

Vendor	Product	Versions
Debian:11	libssh	0.9.6-2, 0.9.5-1, 0
Debian:13	libssh	0, 0
Debian:14	libssh	0, 0
Debian:12	libssh	0.10.5-3, 0.10.5-3, 0.10.5-2

Exploit Intelligence

hydra-ssh.c (github-poc)

Timeline

Aug 20, 2025 CVE Published
Apr 28, 2026 CVE Updated

References

https://security-tracker.debian.org/tracker/CVE-2025-4877 advisory

Open in Interactive Console →